commit nginx for openSUSE:Factory

root Tue, 07 May 2019 14:19:36 -0700

Hello community,

here is the log from the commit of package nginx for openSUSE:Factory checked 
in at 2019-05-07 23:19:02
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/nginx (Old)
 and      /work/SRC/openSUSE:Factory/.nginx.new.5148 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++


Package is "nginx"

Tue May  7 23:19:02 2019 rev:35 rq:701160 version:1.16.0

Changes:
--------
--- /work/SRC/openSUSE:Factory/nginx/nginx.changes      2019-04-11 
12:18:35.160974361 +0200
+++ /work/SRC/openSUSE:Factory/.nginx.new.5148/nginx.changes    2019-05-07 
23:19:03.904931672 +0200
@@ -1,0 +2,7 @@
+Mon May 06 06:05:23 UTC 2019 - [email protected]
+
+- update to version 1.16.0
+  * 1.16 stable branch
+  * Bugfix: segfault may occur in ssl_certificate worker process
+
+-------------------------------------------------------------------

Old:
----
  nginx-1.15.10.tar.gz
  nginx-1.15.10.tar.gz.asc

New:
----
  nginx-1.16.0.tar.gz
  nginx-1.16.0.tar.gz.asc

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ nginx.spec ++++++
--- /var/tmp/diff_new_pack.eZEnZB/_old  2019-05-07 23:19:05.204934403 +0200
+++ /var/tmp/diff_new_pack.eZEnZB/_new  2019-05-07 23:19:05.204934403 +0200
@@ -70,7 +70,7 @@
 %define ngx_doc_dir    %{_datadir}/doc/packages/%{name}
 #
 Name:           nginx
-Version:        1.15.10
+Version:        1.16.0
 Release:        0
 %define ngx_fancyindex_version 0.4.2
 %define ngx_fancyindex_module_path ngx-fancyindex-%{ngx_fancyindex_version}

++++++ nginx-1.15.10.tar.gz -> nginx-1.16.0.tar.gz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/nginx-1.15.10/CHANGES new/nginx-1.16.0/CHANGES
--- old/nginx-1.15.10/CHANGES   2019-03-26 15:06:59.000000000 +0100
+++ new/nginx-1.16.0/CHANGES    2019-04-23 15:13:01.000000000 +0200
@@ -1,4 +1,21 @@
 
+Changes with nginx 1.16.0                                        23 Apr 2019
+
+    *) 1.16.x stable branch.
+
+
+Changes with nginx 1.15.12                                       16 Apr 2019
+
+    *) Bugfix: a segmentation fault might occur in a worker process if
+       variables were used in the "ssl_certificate" or "ssl_certificate_key"
+       directives and OCSP stapling was enabled.
+
+
+Changes with nginx 1.15.11                                       09 Apr 2019
+
+    *) Bugfix: in the "ssl_stapling_file" directive on Windows.
+
+
 Changes with nginx 1.15.10                                       26 Mar 2019
 
     *) Change: when using a hostname in the "listen" directive nginx now
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/nginx-1.15.10/CHANGES.ru new/nginx-1.16.0/CHANGES.ru
--- old/nginx-1.15.10/CHANGES.ru        2019-03-26 15:06:58.000000000 +0100
+++ new/nginx-1.16.0/CHANGES.ru 2019-04-23 15:13:00.000000000 +0200
@@ -1,4 +1,21 @@
 
+Изменения в nginx 1.16.0                                          23.04.2019
+
+    *) Стабильная ветка 1.16.x.
+
+
+Изменения в nginx 1.15.12                                         16.04.2019
+
+    *) Исправление: в рабочем процессе мог произойти segmentation fault,
+       если в директивах ssl_certificate или ssl_certificate_key
+       использовались переменные и был включён OCSP stapling.
+
+
+Изменения в nginx 1.15.11                                         09.04.2019
+
+    *) Исправление: в директиве ssl_stapling_file на Windows.
+
+
 Изменения в nginx 1.15.10                                         26.03.2019
 
     *) Изменение: теперь при использовании имени хоста в директиве listen
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/nginx-1.15.10/auto/cc/msvc 
new/nginx-1.16.0/auto/cc/msvc
--- old/nginx-1.15.10/auto/cc/msvc      2019-03-26 15:06:55.000000000 +0100
+++ new/nginx-1.16.0/auto/cc/msvc       2019-04-23 15:12:58.000000000 +0200
@@ -108,7 +108,7 @@
 # msvc under Wine issues
 # C1902: Program database manager mismatch; please check your installation
 if [ -z "$NGX_WINE" ]; then
-   CFLAGS="$CFLAGS -Zi"
+   CFLAGS="$CFLAGS -Zi -Fd$NGX_OBJS/nginx.pdb"
    CORE_LINK="$CORE_LINK -debug"
 fi
 
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/nginx-1.15.10/src/core/nginx.h 
new/nginx-1.16.0/src/core/nginx.h
--- old/nginx-1.15.10/src/core/nginx.h  2019-03-26 15:06:55.000000000 +0100
+++ new/nginx-1.16.0/src/core/nginx.h   2019-04-23 15:12:58.000000000 +0200
@@ -9,8 +9,8 @@
 #define _NGINX_H_INCLUDED_
 
 
-#define nginx_version      1015010
-#define NGINX_VERSION      "1.15.10"
+#define nginx_version      1016000
+#define NGINX_VERSION      "1.16.0"
 #define NGINX_VER          "nginx/" NGINX_VERSION
 
 #ifdef NGX_BUILD
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/nginx-1.15.10/src/core/ngx_string.c 
new/nginx-1.16.0/src/core/ngx_string.c
--- old/nginx-1.15.10/src/core/ngx_string.c     2019-03-26 15:06:55.000000000 
+0100
+++ new/nginx-1.16.0/src/core/ngx_string.c      2019-04-23 15:12:58.000000000 
+0200
@@ -1381,7 +1381,7 @@
             continue;
         }
 
-        if (ngx_utf8_decode(&p, n) > 0x10ffff) {
+        if (ngx_utf8_decode(&p, last - p) > 0x10ffff) {
             /* invalid UTF-8 */
             return n;
         }
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/nginx-1.15.10/src/event/ngx_event_openssl.c 
new/nginx-1.16.0/src/event/ngx_event_openssl.c
--- old/nginx-1.15.10/src/event/ngx_event_openssl.c     2019-03-26 
15:06:55.000000000 +0100
+++ new/nginx-1.16.0/src/event/ngx_event_openssl.c      2019-04-23 
15:12:58.000000000 +0200
@@ -4622,6 +4622,7 @@
 
     name = X509_get_subject_name(cert);
     if (name == NULL) {
+        X509_free(cert);
         return NGX_ERROR;
     }
 
@@ -4673,6 +4674,7 @@
 
     name = X509_get_issuer_name(cert);
     if (name == NULL) {
+        X509_free(cert);
         return NGX_ERROR;
     }
 
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/nginx-1.15.10/src/event/ngx_event_openssl_stapling.c 
new/nginx-1.16.0/src/event/ngx_event_openssl_stapling.c
--- old/nginx-1.15.10/src/event/ngx_event_openssl_stapling.c    2019-03-26 
15:06:55.000000000 +0100
+++ new/nginx-1.16.0/src/event/ngx_event_openssl_stapling.c     2019-04-23 
15:12:58.000000000 +0200
@@ -227,7 +227,7 @@
         return NGX_ERROR;
     }
 
-    bio = BIO_new_file((char *) file->data, "r");
+    bio = BIO_new_file((char *) file->data, "rb");
     if (bio == NULL) {
         ngx_ssl_error(NGX_LOG_EMERG, ssl->log, 0,
                       "BIO_new_file(\"%s\") failed", file->data);
@@ -511,6 +511,11 @@
     rc = SSL_TLSEXT_ERR_NOACK;
 
     cert = SSL_get_certificate(ssl_conn);
+
+    if (cert == NULL) {
+        return rc;
+    }
+
     staple = X509_get_ex_data(cert, ngx_ssl_stapling_index);
 
     if (staple == NULL) {

commit nginx for openSUSE:Factory

Reply via email to